Kautilya: Teensy beyond shells

Size: px
Start display at page:

Download "Kautilya: Teensy beyond shells"

Transcription

1 Kautilya: Teensy beyond shells Kautilya Toolkit for Teensy device Nikhil Mittal 1 P a g e

2 Contents Kautilya Toolkit for Teensy device... 1 Nikhil Mittal... 1 Abstract... 3 Attack Surface and Scenarios... 3 Current Usage... 3 Kautilya... 3 Keylogger... 4 Uninstall MSIExec compatible application... 4 Information Gather... 4 Download and Execute... 4 MSF Modules... 4 Network Sniffer... 4 Breaking Browser Security... 4 Sethc and Utilman backdoor... 5 Hashdump... 5 Wireless Rogue AP... 5 Other Windows Payload... 5 Linux built-in Reverse Shells... 5 Other Linux Payloads... 5 Limitations... 5 Future and TODO... 6 Conclusion... 6 References P a g e

3 Abstract As hackers, we have been exploiting the inherent trust by Operating System on Human Interface Devices for some time now. Teensy is a USB Micro-controller; a device which can act as a Human Interface Device when connected to a computer and is able to do the job pre-programmed in it. Many interesting things have been done using Teensy as a keyboard. We have mostly seen shells, many types of them. It is time we start looking at Teensy as a pentesting device capable of doing much more than popping shells. Introducing Kautilya, a toolkit which can be used to perform various preexploitation and post-exploitation activities. Kautilya aims on easing the use of attack vectors which traditionally require human intervention but can be automated using Teensy. Kautilya contains some nice customizable payloads which may be used for enumeration, info gathering, disabling countermeasures, keylogging and using Operating System against itself for much more. Attack Surface and Scenarios Talking about the attack surface, during the usage of Teensy during live penetration tests and also during the development of Kautilya the author never came across any countermeasure software which blocks it or a user environment where USB port is disabled. Note that it works even if USB Mass Storage is disabled. So the attack surface turns out to be quite large and that too unprotected. Usage of teensy device can broadly in many scenarios; two most likely (obviously) are Internal Penetration Tests and External Penetration Tests. In the first scenario, you can wait for someone to leave a system unlocked for few seconds or leave it on someone s desk disguised in a thumb drive or USB toy etc. In the second scenario, the usage is quite similar and you need some simple Social Engineering skills to get someone to plug this in his computer. Teensy can again be disguised as a thumb drive, USB toy or mouse etc and can be left in parking lot, reception area etc. Current Usage Currently, nice attack vectors using Teensy are implemented in the Social Engineering Toolkit (SET) 1. The attack vectors in SET as of this writing are almost all for popping shells. You cannot do a variety of pre and post exploitation things with that. The author believes that Teensy should be used for much more, some nice suggestions and implementations can be found in the Hak5 Rubber Ducky Forums 2. Kautilya Usage of Teensy can be expanded beyond shells and this is the point of the paper and to some extent Kautilya. Kautilya is a toolkit which aims to make Teensy a complete penetration test tool. It is written in ruby and is a menu driven program. A user can choose options from menu and is asked some questions to create a customizable payload. 3 P a g e

4 In Kautilya, you have pre and post exploitation payloads which come in handy during a penetration test. The payloads are combination of OS commands, built-in tools and powershell/bash script or mixture of commands and scripts. Let s have a look at some of them. Keylogger The keylogger is written entirely in powershell. Teensy is used to type the powershell script on the victim machine. All keys and mouse-clicks are logged and uploaded every twenty seconds by default to pastebin as a private paste. There is a separate powershell script to parse the uploaded keys. Uninstall MSIExec compatible application This payload allows you to silently remove any MSIExec compatible application (many AVs are MSIExec compatible) 3. You have to give name of the application and it will remove the application. This too is written in powershell. There is another payload under development for using WMI for un-installation. Information Gather This payload uses a powershell script to extract useful registry keys and other information from a victim machine and paste it to pastebin as a private paste. The registry keys are mostly taken from Metasploit s 4 meterpreter scripts. Of course, the registry keys accessible depend upon the privileges of current user. Download and Execute This payload is written in powershell. It can either download and execute an executable from google docs or byte converted exe can be downloaded in form of text from pastebin or google docs, the text will then be converted back into exe and is executed. File format exploits have also been tested with this module, as long as file format can be converted to text or can be downloaded directly from google docs, this works. Although, file format exploits are not currently implemented in Kautilya. MSF Modules Currently, two modules from metasploit have been used, namely, enable telnet and enable rdp. Both modules (as in msf too) add a user, enable the requested service and add an exception too windows firewall. More useful modules will be added in future. Network Sniffer A network sniffer in powershell, based upon get-packet script by Robbie Foust 5. The sniffed data is uploaded to a ftp server. This payload leaves a lot to be improved as Breaking Browser Security This is a class of payloads actually. One payload runs Chrome s Remoting Plugin ((plugin should be installed already) and copies the access code to pastebin as a private paste. Other one disables NoScript in firefox. Both they payloads are in visible category, that is, they do NOT operate from command line and works on the browser windows. This makes them noisy and easy interruptible, but is useful if used correctly. 4 P a g e

5 Sethc and Utilman backdoor This payload uses registry tweaks to launch user defined executable in place of sethc.exe (called when SHIFT keys is pressed five times) and utilman.exe. This payload if executed successfully provides a execution with system privileges on a locked machine, when the correct key combination is pressed. Hashdump This payload uses powerdump script from metasploit to dump password hashes from the victim. The script is executed as a task to run it under system privileges. The hashes are then uploaded to pastebin as a private paste. Wireless Rogue AP This payload utilizes Windows wireless hosted network functionality popularized by this video at Securitytube 6. This payload creates a wireless hosted network on a target machine with user defined SSID and network key. Other Windows Payload Some other payloads are, forceful browsing, change default dns, edit hosts file, add a user and Tweet some text. Linux built-in Reverse Shells Implementation of few reverse shells as defined here 7. Other Linux Payloads Some other payloads for Linux are edit host file, change nameserver, add user, turn off ASLR and turning off iptables. Many payloads for Linux are tested but are not included in Teensy as, most of them need root permissions and generally desktops are based on windows. Other than payloads, Kautilya implements some stealth measures which include obscured command prompt while typing, clearing some registry keys and cleaning up dropped files after usage. Limitations Teensy cannot read back from a system as of now. This is one major limitation while writing payloads for Teensy as it makes payloads less responsive to the state of a system. You have to pre-define possible situations for a payload as it is not possible to read response from the system at runtime. This is however somewhat curbed when you use powerful scripting languages like powershell and bash. Another limitation is the small default storage available with teensy, however some recent works 8 have successfully attached and utilized a SD card with teensy. Kautilya has its own limitations. For example, right now if you want to use payloads generated by metasploit, say for download and exec you have to generate them separately and post them at google docs or pastebin. The URL can then be provided at Kautilya command menu. Some payloads are not stealthy and may alert a watchful user. There may also be limitations in the efficiency and effectiveness of coding limited by author s knowledge of different Operating Systems. 5 P a g e

6 Also, all the payloads have been designed for a teensy without additional storage. This is done so that a user completely unaware of how to attach a SD card to teensy can start using Kautilya straightaway. Future and TODO You may see more payloads for Linux in Kautilya as in Linux you can do everything from command line and that makes it more prone to attack vectors such as teensy. Also, Kautilya which right now is a toolkit will be developed in a framework aiding in code reuse and will provide modules as libraries 9 to make payload development easier. Also, better and uniform coding standards, support for non-english keyboards, payloads for Mac OS X may be implemented. Current payloads will be definitely improved after feedback from community. Conclusion Kautilya tries to bring teensy to more hackers, penetration testers and security administrators. It provides some easy to use customizable payloads useful in security testing and penetration tests. We had a look at the payloads and their functionality. We also had a look at the limitations of Kautilya nd the future work. In coming time, much more can be done using Kautilya and the author expects to take feature requests and feedbacks from the community. Kautilya is at nascent stage right now but it aims to become an indispensible part of a Penetration Tester s toolchest. Once you start working on something, don't be afraid of failure and don't abandon it. People who work sincerely are the happiest. Kautilya a.k.a Chanakya (370BC 283BC) References Using the Teensy for so much more... David Kennedy & Josh Kelley, BSides LasVegas 9 PHUKD. 6 P a g e

How To Use Powerhell For Security Research

How To Use Powerhell For Security Research PowerShell David Kennedy (ReL1K) Josh Kelley (Winfang) http://www.secmaniac.com Twitter: dave_rel1k winfang98 About Josh Security Analyst with a Fortune 1000 --- Works with Dave Heavy experience in penetration

More information

PowerShell for Penetration Testers

PowerShell for Penetration Testers Training: PowerShell for Penetration Testers Dates of the training: March 14-15,2016 in Heidelberg, Germany Book Now using the code: TR16HMTRAINING and save an additional 10% of the current valid rate!

More information

CIT 480: Securing Computer Systems. Vulnerability Scanning and Exploitation Frameworks

CIT 480: Securing Computer Systems. Vulnerability Scanning and Exploitation Frameworks CIT 480: Securing Computer Systems Vulnerability Scanning and Exploitation Frameworks Vulnerability Scanners Vulnerability scanners are automated tools that scan hosts and networks for potential vulnerabilities,

More information

PowerShell. It s time to own. David Kennedy (ReL1K) Josh Kelley (Winfang) http://www.secmaniac.com Twitter: dave_rel1k

PowerShell. It s time to own. David Kennedy (ReL1K) Josh Kelley (Winfang) http://www.secmaniac.com Twitter: dave_rel1k PowerShell It s time to own. David Kennedy (ReL1K) Josh Kelley (Winfang) http://www.secmaniac.com Twitter: dave_rel1k About Josh Security Analyst with a Fortune 1000 --- Works with Dave Heavy experience

More information

Automation of Post-Exploitation

Automation of Post-Exploitation Automation of Post-Exploitation (Focused on MS-Windows Targets) Mohammad Tabatabai Irani and Edgar R. Weippl Secure Business Austria, Favoritenstr. 16, A-1040 Vienna, Austria {mtabatabai,eweippl}@securityresearch.at

More information

Social Engineering Toolkit

Social Engineering Toolkit Social Engineering Toolkit Author: 3psil0nLaMbDa a.k.a Karthik R, INDIA http://www.epsilonlambda.wordpress.com The social engineering toolkit is a project named Devolution, and it comes with Backtrack

More information

Penetration Testing Walkthrough

Penetration Testing Walkthrough Penetration Testing Walkthrough Table of Contents Penetration Testing Walkthrough... 3 Practical Walkthrough of Phases 2-5... 4 Chose Tool BackTrack (Armitage)... 5 Choose Target... 6 Phase 2 - Basic Scan...

More information

How to hack a website with Metasploit

How to hack a website with Metasploit How to hack a website with Metasploit By Sumedt Jitpukdebodin Normally, Penetration Tester or a Hacker use Metasploit to exploit vulnerability services in the target server or to create a payload to make

More information

AUTHOR CONTACT DETAILS

AUTHOR CONTACT DETAILS AUTHOR CONTACT DETAILS Name Dinesh Shetty Organization Paladion Networks Email ID dinesh.shetty@paladion.net Penetration Testing with Metasploit Framework When i say "Penetration Testing tool" the first

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright 2014 Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security, 2014 No part of this publication, in whole or

More information

Vulnerability Assessment and Penetration Testing

Vulnerability Assessment and Penetration Testing Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration

More information

Smartphone Pentest Framework v0.1. User Guide

Smartphone Pentest Framework v0.1. User Guide Smartphone Pentest Framework v0.1 User Guide 1 Introduction: The Smartphone Pentest Framework (SPF) is an open source tool designed to allow users to assess the security posture of the smartphones deployed

More information

Exploiting Transparent User Identification Systems

Exploiting Transparent User Identification Systems Exploiting Transparent User Identification Systems Wayne Murphy Benjamin Burns Version 1.0a 1 CONTENTS 1.0 Introduction... 3 1.1 Project Objectives... 3 2.0 Brief Summary of Findings... 4 3.0 Background

More information

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder. CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files

More information

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts)

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Module: 1. Introduction to Ethical Hacking 2. Footprinting a. SAM Spade b. Nslookup c. Nmap d. Traceroute

More information

The BackTrack Successor

The BackTrack Successor SCENARIOS Kali Linux The BackTrack Successor On March 13, Kali, a complete rebuild of BackTrack Linux, has been released. It has been constructed on Debian and is FHS (Filesystem Hierarchy Standard) complaint.

More information

Metasploit ing the target machine is a fascinating subject to all security professionals. The rich list of exploit codes and other handy modules of

Metasploit ing the target machine is a fascinating subject to all security professionals. The rich list of exploit codes and other handy modules of Metasploit ing the target machine is a fascinating subject to all security professionals. The rich list of exploit codes and other handy modules of Metasploit Framework make the penetrators life quite

More information

Penetration Testing Report Client: Business Solutions June 15 th 2015

Penetration Testing Report Client: Business Solutions June 15 th 2015 Penetration Testing Report Client: Business Solutions June 15 th 2015 Acumen Innovations 80 S.W 8 th St Suite 2000 Miami, FL 33130 United States of America Tel: 1-888-995-7803 Email: info@acumen-innovations.com

More information

Learn Ethical Hacking, Become a Pentester

Learn Ethical Hacking, Become a Pentester Learn Ethical Hacking, Become a Pentester Course Syllabus & Certification Program DOCUMENT CLASSIFICATION: PUBLIC Copyrighted Material No part of this publication, in whole or in part, may be reproduced,

More information

Remote Desktop Web Access. Using Remote Desktop Web Access

Remote Desktop Web Access. Using Remote Desktop Web Access Remote Desktop Web Access What is RD Web Access? RD Web Access is a Computer Science service that allows you to access department software and machines from your Windows or OS X computer, both on and off

More information

Installing NetSupport School for use with the NetSupport School Student extension for Google Chrome

Installing NetSupport School for use with the NetSupport School Student extension for Google Chrome Installing NetSupport School for use with the NetSupport School Student extension for Google Chrome NetSupport School delivers the tools you need to help maximise the effectiveness of computer led teaching

More information

ThinPoint Quick Start Guide

ThinPoint Quick Start Guide ThinPoint Quick Start Guide 2 ThinPoint Quick Start Guide Table of Contents Part 1 Introduction 3 Part 2 ThinPoint Windows Host Installation 3 1 Compatibility... list 3 2 Pre-requisites... 3 3 Installation...

More information

1. LAB SNIFFING LAB ID: 10

1. LAB SNIFFING LAB ID: 10 H E R A LAB ID: 10 SNIFFING Sniffing in a switched network ARP Poisoning Analyzing a network traffic Extracting files from a network trace Stealing credentials Mapping/exploring network resources 1. LAB

More information

The Value of Physical Memory for Incident Response

The Value of Physical Memory for Incident Response The Value of Physical Memory for Incident Response MCSI 3604 Fair Oaks Blvd Suite 250 Sacramento, CA 95864 www.mcsi.mantech.com 2003-2015 ManTech Cyber Solutions International, All Rights Reserved. Physical

More information

How to deploy SurveilStar PC/Internet Monitoring Software

How to deploy SurveilStar PC/Internet Monitoring Software How to deploy SurveilStar PC/Internet Monitoring Software 1/16 How to deploy SurveilStar PC/Internet Monitoring Software (Latest updated: April. 9, 2015) www.surveilstar.com This document provides detailed

More information

Enterprise Remote Control 5.6 Manual

Enterprise Remote Control 5.6 Manual Enterprise Remote Control 5.6 Manual Solutions for Network Administrators Copyright 2015, IntelliAdmin, LLC Revision 3/26/2015 http://www.intelliadmin.com Page 1 Table of Contents What is Enterprise Remote

More information

ArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young

ArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young ArcGIS Server Security Threats & Best Practices 2014 David Cordes Michael Young Agenda Introduction Threats Best practice - ArcGIS Server settings - Infrastructure settings - Processes Summary Introduction

More information

Author: Sumedt Jitpukdebodin. Organization: ACIS i-secure. Email ID: materaj@gmail.com. My Blog: http://r00tsec.blogspot.com

Author: Sumedt Jitpukdebodin. Organization: ACIS i-secure. Email ID: materaj@gmail.com. My Blog: http://r00tsec.blogspot.com Author: Sumedt Jitpukdebodin Organization: ACIS i-secure Email ID: materaj@gmail.com My Blog: http://r00tsec.blogspot.com Penetration Testing Linux with brute force Tool. Sometimes I have the job to penetration

More information

Pwning Intranets with HTML5

Pwning Intranets with HTML5 Javier Marcos de Prado Juan Galiana Lara Pwning Intranets with HTML5 2009 IBM Corporation Agenda How our attack works? How we discover what is in your network? What does your infrastructure tell us for

More information

Citrix : Remediation - MAC

Citrix : Remediation - MAC Citrix : Remediation - MAC Key Points: 1. 2. 3. 4. 5. 6. 7. Understanding End Point Scan Analysis Supported anti-virus and firewall products Configuring AVAST/SOPHOS and the Mac OS X Firewall Installing

More information

Network Attack Collaboration

Network Attack Collaboration Network Attack Collaboration Sharing the Shell RAPHAEL MUDGE Raphael Mudge is a Washington, DC, based code hacker. His current work is the Armitage GUI for Metasploit. His past projects include the After

More information

Armitage. Part 1. Author : r45c4l Mail : infosecpirate@gmail.com. http://twitter.com/#!/r45c4l

Armitage. Part 1. Author : r45c4l Mail : infosecpirate@gmail.com. http://twitter.com/#!/r45c4l Armitage H acking Made Easy Part 1 Author : r45c4l Mail : infosecpirate@gmail.com http://twitter.com/#!/r45c4l Greetz and shouts to the entire ICW team and every Indian hackers Introduction When I started

More information

VPN Web Portal Usage Guide

VPN Web Portal Usage Guide VPN Web Portal Usage Guide Table of Contents WHAT IS VPN WEB CLIENT 4 SUPPORTED WEB BROWSERS 4 LOGGING INTO VPN WEB CLIENT 5 ESTABLISHING A VPN CONNECTION 6 KNOWN ISSUES WITH MAC COMPUTERS 6 ACCESS INTRANET

More information

http://vpn.madeleyacademy.com

http://vpn.madeleyacademy.com Madeley Academy Remote Access http://vpn.madeleyacademy.com Members of Staff and Sixth form students are able to log into the shared and their user areas from home. System requirements Antivirus Trusted

More information

Automated Penetration Testing with the Metasploit Framework. NEO Information Security Forum March 19, 2008

Automated Penetration Testing with the Metasploit Framework. NEO Information Security Forum March 19, 2008 Automated Penetration Testing with the Metasploit Framework NEO Information Security Forum March 19, 2008 Topics What makes a good penetration testing framework? Frameworks available What is the Metasploit

More information

OutDisk 4.0 FTP FTP for Email Users using Microsoft Windows and/or Microsoft Outlook. 5/1/2012 2012 Encryptomatic LLC www.encryptomatic.

OutDisk 4.0 FTP FTP for Email Users using Microsoft Windows and/or Microsoft Outlook. 5/1/2012 2012 Encryptomatic LLC www.encryptomatic. OutDisk 4.0 FTP FTP for Email Users using Microsoft Windows and/or Microsoft Outlook 5/1/2012 2012 Encryptomatic LLC www.encryptomatic.com Contents What is OutDisk?... 3 OutDisk Requirements... 3 How Does

More information

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

ITEC441- IS Security. Chapter 15 Performing a Penetration Test 1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and

More information

Defcon 20 Owning One To Rule Them All. Dave DeSimone (@d2theave) Manager, Information Security Fortune 1000

Defcon 20 Owning One To Rule Them All. Dave DeSimone (@d2theave) Manager, Information Security Fortune 1000 Defcon 20 Owning One To Rule Them All Dave DeSimone (@d2theave) Manager, Information Security Fortune 1000 Dave Kennedy (@dave_rel1k) Founder, Principal Security Consultant @TrustedSec About the Speaker

More information

Windows PCs & Servers are often the life-blood of your IT investment. Monitoring them is key, especially in today s 24 hour world!

Windows PCs & Servers are often the life-blood of your IT investment. Monitoring them is key, especially in today s 24 hour world! + Welcome to The Sentry-go Monitoring System v6 Monitoring made quick & easy! Be Proactive, Not Reactive! 3Ds (UK) Limited http://www.sentry-go.com Welcome to Sentry-go Sentry-go is a quick & easy to use

More information

Shellshock Security Patch for X86

Shellshock Security Patch for X86 Shellshock Security Patch for X86 Guide for Using the FFPS Update Manager October 2014 Version 1.0. Page 1 Page 2 This page is intentionally blank Table of Contents 1.0 OVERVIEW - SHELLSHOCK/BASH SHELL

More information

Contents. Business Everywhere user guide. 1. Introduction. 2. How to Install/Uninstall Business Everywhere. 3. The Business Everywhere interface

Contents. Business Everywhere user guide. 1. Introduction. 2. How to Install/Uninstall Business Everywhere. 3. The Business Everywhere interface Contents 1. Introduction 2. How to Install/Uninstall Business Everywhere 3. The Business Everywhere interface 4. Launching Business Everywhere 5. Connection 6. Business Everywhere management tools 7. Troubleshooting

More information

The software can be downloaded from the Spiceworks web site at: http://www.spiceworks.com.

The software can be downloaded from the Spiceworks web site at: http://www.spiceworks.com. Spiceworks 2.0 Review One of the biggest headaches a network or system administrator faces is managing all of the equipment, software and services their network provides. From servers to workstations,

More information

WHM Administrator s Guide

WHM Administrator s Guide Fasthosts Customer Support WHM Administrator s Guide This manual covers everything you need to know in order to get started with WHM and perform day to day administrative tasks. Contents Introduction...

More information

CRYPTUS DIPLOMA IN IT SECURITY

CRYPTUS DIPLOMA IN IT SECURITY CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

More information

Audience. Pre-Requisites

Audience. Pre-Requisites T R A N C H U L A S W O R K S H O P S A N D T R A I N I N G S Hands-On Penetration Testing Training Course About Tranchulas Tranchulas is a multinational information security company having its offices

More information

BSIDES Las Vegas Secret Pentesting Techniques Shhh...

BSIDES Las Vegas Secret Pentesting Techniques Shhh... BSIDES Las Vegas Secret Pentesting Techniques Shhh... Dave Kennedy Founder, Principal Security Consultant Email: davek@trustedsec.com https://www.trustedsec.com @TrustedSec Introduc)on As penetration testers,

More information

SYWorks Vulnerable Web Applications Compilation For Penetration Testing Installation Guide

SYWorks Vulnerable Web Applications Compilation For Penetration Testing Installation Guide SYWorks Vulnerable Web Applications Compilation For Penetration Testing Installation Guide This document provides installation guide on how to create your own penetration testing environment with the pre-installed

More information

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.

More information

Pen Test Tips 2. Shell vs. Terminal

Pen Test Tips 2. Shell vs. Terminal Pen Test Tips 2 Shell vs. Terminal Once you have successfully exploited a target machine you may be faced with a common dilemma that many penetration testers have, do I have shell access or terminal access?

More information

Seagate NAS OS 4 Reviewers Guide: NAS / NAS Pro / Business Storage Rackmounts

Seagate NAS OS 4 Reviewers Guide: NAS / NAS Pro / Business Storage Rackmounts Seagate NAS OS 4 Reviewers Guide: NAS / NAS Pro / Business Storage Rackmounts Seagate NAS OS 4 Reviewers Guide 2 Purpose of this guide Experience the most common use cases for the product, learn about

More information

Windows and MAC User Handbook Remote and Secure Connection Version 1.01 09/19/2013. User Handbook

Windows and MAC User Handbook Remote and Secure Connection Version 1.01 09/19/2013. User Handbook Windows and MAC User Handbook How to Connect Your PC or MAC Remotely and Securely to Your U.S. Department of Commerce Account Developed for You by the Office of IT Services (OITS)/IT Service Desk *** For

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

Using Internet or Windows Explorer to Upload Your Site

Using Internet or Windows Explorer to Upload Your Site Using Internet or Windows Explorer to Upload Your Site This article briefly describes what an FTP client is and how to use Internet Explorer or Windows Explorer to upload your Web site to your hosting

More information

Operation Liberpy : Keyloggers and information theft in Latin America

Operation Liberpy : Keyloggers and information theft in Latin America Operation Liberpy : Keyloggers and information theft in Latin America Diego Pérez Magallanes Malware Analyst Pablo Ramos HEAD of LATAM Research Lab 7/7/2015 version 1.1 Contents Introduction... 3 Operation

More information

60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li

60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li 60467 Project 1 Net Vulnerabilities scans and attacks Chun Li Hardware used: Desktop PC: Windows Vista service pack Service Pack 2 v113 Intel Core 2 Duo 3GHz CPU, 4GB Ram, D-Link DWA-552 XtremeN Desktop

More information

Metasploit Lab: Attacking Windows XP and Linux Targets

Metasploit Lab: Attacking Windows XP and Linux Targets Cyber Forensics Laboratory 1 Metasploit Lab: Attacking Windows XP and Linux Targets Copyright c 2012 Michael McGinty and Xinwen Fu, University of Massachusetts Lowell Permission is granted to copy, distribute

More information

Synthesis Migration Guide

Synthesis Migration Guide Synthesis Migration Guide The purpose of this guide is to provide you with simple step- by- step instructions for migrating your WordPress website from its current hosting to a premium managed Synthesis

More information

Penetration Testing Using The Kill Chain Methodology

Penetration Testing Using The Kill Chain Methodology Penetration Testing Using The Kill Chain Methodology Presented by: Rupert Edwards This course is intended for a technically astute audience.this course is 98% hands on.the attendee should have some basic

More information

The Social-Engineer Toolkit (SET)

The Social-Engineer Toolkit (SET) The Social-Engineer Toolkit (SET) Putting the cool back into SE David Kennedy (ReL1K) http://www.secmaniac.com Twitter: Dave_ReL1K Social-Engineering in the 21 st Century Social-Engineering attacks are

More information

EZblue BusinessServer The All - In - One Server For Your Home And Business

EZblue BusinessServer The All - In - One Server For Your Home And Business EZblue BusinessServer The All - In - One Server For Your Home And Business Quick Start Guide Version 3.11 1 2 3 EZblue Server Overview EZblue Server Installation EZblue Server Configuration 4 EZblue Magellan

More information

Ekran System Help File

Ekran System Help File Ekran System Help File Table of Contents About... 9 What s New... 10 System Requirements... 11 Updating Ekran to version 4.1... 13 Program Structure... 14 Getting Started... 15 Deployment Process... 15

More information

NaviCell Data Visualization Python API

NaviCell Data Visualization Python API NaviCell Data Visualization Python API Tutorial - Version 1.0 The NaviCell Data Visualization Python API is a Python module that let computational biologists write programs to interact with the molecular

More information

The Pen Test Perfect Storm: Combining Network, Web App, and Wireless Pen Test Techniques Part 2

The Pen Test Perfect Storm: Combining Network, Web App, and Wireless Pen Test Techniques Part 2 The Test Perfect Storm: Combining Network, Web App, and Wireless Test Techniques Part 2 By Joshua Wright, Kevin Johnson, & Ed Skoudis Copyright 2009, All Rights Reserved Version 1Q09 Testing Perfect Storm

More information

The Pen Test Perfect Storm: Combining Network, Web App, and Wireless Pen Test Techniques Part 2

The Pen Test Perfect Storm: Combining Network, Web App, and Wireless Pen Test Techniques Part 2 The Test Perfect Storm: Combining Network, Web App, and Wireless Test Techniques Part 2 By Joshua Wright, Kevin Johnson, & Ed Skoudis Copyright 2009, All Rights Reserved Version 1Q09 1 Outline The Power

More information

Presented by:!!dave Kennedy (RELIK)"!!!!!Ryan Macfarlane "

Presented by:!!dave Kennedy (RELIK)!!!!!Ryan Macfarlane Presented by:!!dave Kennedy (RELIK)"!!!!!Ryan Macfarlane " Head Tail Hit Driven economy and retail market The limits of inventory The emergence of "everything" Key factors: Declining cost of inventory

More information

mystanwell.com Installing Citrix Client Software Information and Business Systems

mystanwell.com Installing Citrix Client Software Information and Business Systems mystanwell.com Installing Citrix Client Software Information and Business Systems Doc No: 020/12 Revision No: Revision Date: Page: 1 of 16 Contents Overview... 3 1. Microsoft Internet Explorer... 3 2.

More information

Nessus Agents. October 2015

Nessus Agents. October 2015 Nessus Agents October 2015 Table of Contents Introduction... 3 What Are Nessus Agents?... 3 Scanning... 4 Results... 6 Conclusion... 6 About Tenable Network Security... 6 2 Introduction Today s changing

More information

Shakambaree Technologies Pvt. Ltd.

Shakambaree Technologies Pvt. Ltd. Welcome to Support Express by Shakambaree Technologies Pvt. Ltd. Introduction: This document is our sincere effort to put in some regular issues faced by a Digital Signature and USB Token user doing on

More information

Network Projector Operation Guide

Network Projector Operation Guide Network Projector Operation Guide Table of contents Preparation...3 Connecting the projector with your computer...3 Wired connection... 3 Wireless connection (for selective models)... 4 QPresenter...7

More information

NetSupport Manager v11

NetSupport Manager v11 Remote Support For Any Environment NetSupport Manager v11 NetSupport Manager has been helping organizations optimize the delivery of their IT support services since 1989 and while the use of Remote Control

More information

USB HSPA Modem. User Manual

USB HSPA Modem. User Manual USB HSPA Modem User Manual Congratulations on your purchase of this USB HSPA Modem. The readme file helps you surf the Internet, send and receive SMS, manage contacts and use many other functions with

More information

IDS and Penetration Testing Lab ISA656 (Attacker)

IDS and Penetration Testing Lab ISA656 (Attacker) IDS and Penetration Testing Lab ISA656 (Attacker) Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible

More information

1. How do I access my VPS control panel?

1. How do I access my VPS control panel? VPS Business FAQ Section 1: Installation...2 1. How do I access my VPS control panel?...2 2. How do I access my Windows VPS?...6 3. How do I access my Linux VPS?...8 Section 2: using a VPS...9 4. How to

More information

Protect, License and Sell Xojo Apps

Protect, License and Sell Xojo Apps Protect, License and Sell Xojo Apps To build great software with Xojo, you focus on user needs, design, code and the testing process. To build a profitable business, your focus expands to protection and

More information

REMOTELY ACCESS YOUR FILES WITH THE FLAGLER FILECONNECT SYSTEM

REMOTELY ACCESS YOUR FILES WITH THE FLAGLER FILECONNECT SYSTEM REMOTELY ACCESS YOUR FILES WITH THE FLAGLER FILECONNECT SYSTEM This document explains the various ways to connect to your network files and group share data. In addition, staff and full-time faculty are

More information

AzMERIT Secure Browser Installation Manual For Technology Coordinators

AzMERIT Secure Browser Installation Manual For Technology Coordinators AzMERIT Secure Browser Installation Manual For Technology Coordinators 2014-2015 Revised January 5, 2015 Prepared by the American Institutes for Research Descriptions of the operation of the Test Information

More information

Web Conferencing Version 8.3 Troubleshooting Guide

Web Conferencing Version 8.3 Troubleshooting Guide System Requirements General Requirements Web Conferencing Version 8.3 Troubleshooting Guide Listed below are the minimum requirements for participants accessing the web conferencing service. Systems which

More information

Virtually Pwned Pentesting VMware. Claudio Criscione @paradoxengine c.criscione@securenetwork.it

Virtually Pwned Pentesting VMware. Claudio Criscione @paradoxengine c.criscione@securenetwork.it Virtually Pwned Pentesting VMware Claudio Criscione @paradoxengine c.criscione@securenetwork.it /me Claudio Criscione The need for security Breaking virtualization means hacking the underlying layer accessing

More information

SAFEGUARDING YOUR HOMEOWNERS ASSOCIATION AND COMMON AREAS

SAFEGUARDING YOUR HOMEOWNERS ASSOCIATION AND COMMON AREAS SAFEGUARDING YOUR HOMEOWNERS ASSOCIATION AND COMMON AREAS March 2011 www.cybersecurityguy.com 1 2 SAFEGUARDING YOUR HOMEOWNER'S ASSOCIATION AND COMMON AREAS Many Homeowner Associations provide security

More information

Advanced Diploma In Hardware, Networking & Server Configuration

Advanced Diploma In Hardware, Networking & Server Configuration Advanced Diploma In Hardware, Networking & Server Configuration Who should do this course? This course is meant for those persons who have a dream of getting job based on Computer Hardware, Networking

More information

WHY ATTACKER TOOLSETS DO WHAT THEY DO

WHY ATTACKER TOOLSETS DO WHAT THEY DO WHY ATTACKER TOOLSETS DO WHAT THEY DO (or.. Reasons they just keep working ) Matt McCormack OVER THE LAST YEAR 50+ engagements Good chunk of different verticals, industries, etc. Varying qualities and

More information

david d. rude Affiliated Computer Services Penetration Tester www.acs-inc.com <bannedit0 [ at ] gmail.com> Develop Codes for stuff www.metasploit.

david d. rude Affiliated Computer Services Penetration Tester www.acs-inc.com <bannedit0 [ at ] gmail.com> Develop Codes for stuff www.metasploit. david d. rude Affiliated Computer Services Penetration Tester www.acs-inc.com Metasploit Develop Codes for stuff www.metasploit.com 2 Definition Command injection is an attack

More information

Symantec Cyber Readiness Challenge Player s Manual

Symantec Cyber Readiness Challenge Player s Manual Symantec Cyber Readiness Challenge Player s Manual Version 1.6 January 20, 2014 Table of Contents Introduction... 3 1 The Cyber Readiness Challenge... 4 1.1 Your Credentials... 4 1.2 Accessing the Competition...

More information

Universal Management Service 2015

Universal Management Service 2015 Universal Management Service 2015 UMS 2015 Help All rights reserved. No parts of this work may be reproduced in any form or by any means - graphic, electronic, or mechanical, including photocopying, recording,

More information

Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security

Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security The IT Security Office (ITSO) What We Do? Risk Assessment Network and System Security Monitoring Vulnerability Scanning

More information

ASL IT SECURITY BEGINNERS WEB HACKING AND EXPLOITATION

ASL IT SECURITY BEGINNERS WEB HACKING AND EXPLOITATION ASL IT SECURITY BEGINNERS WEB HACKING AND EXPLOITATION V 2.0 A S L I T S e c u r i t y P v t L t d. Page 1 Overview: Learn the various attacks like sql injections, cross site scripting, command execution

More information

Lab 7 - Exploitation 1. NCS 430 Penetration Testing Lab 7 Sunday, March 29, 2015 John Salamy

Lab 7 - Exploitation 1. NCS 430 Penetration Testing Lab 7 Sunday, March 29, 2015 John Salamy Lab 7 - Exploitation 1 NCS 430 Penetration Testing Lab 7 Sunday, March 29, 2015 John Salamy Lab 7 - Exploitation 2 Item I. (What were you asked to do?) Metasploit Server Side Exploits Perform the exercises

More information

IDS and Penetration Testing Lab ISA 674

IDS and Penetration Testing Lab ISA 674 IDS and Penetration Testing Lab ISA 674 Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible Use

More information

MyUSBOnly User Guide Menu

MyUSBOnly User Guide Menu MyUSBOnly User Guide Menu Welcome - Lock the Bad Guys out of your USB ports!... 2 System Requirement... 4 Important Notes... 4 FAQ How to install a trial version MyUSBOnly?... 5 FAQ How to buy and install

More information

Ethical Hacking Course Layout

Ethical Hacking Course Layout Ethical Hacking Course Layout Introduction to Ethical Hacking o What is Information Security? o Problems faced by the Corporate World o Why Corporate needs Information Security? Who is a Hacker? o Type

More information

TUNNA. A tool designed to bypass firewall restrictions on remote webservers. By: Rodrigo Marcos Nikos Vassakis

TUNNA. A tool designed to bypass firewall restrictions on remote webservers. By: Rodrigo Marcos Nikos Vassakis TUNNA A tool designed to bypass firewall restrictions on remote webservers By: Rodrigo Marcos Nikos Vassakis Web Applications What a User sees Web Applications What a Penetration Tester sees 80/443 Firewall

More information

Getting Started With Halo for Windows

Getting Started With Halo for Windows Getting Started With Halo for Windows For CloudPassage Halo Protecting your Windows servers in a public or private cloud is much easier and more secure with CloudPassage Halo for Windows. Halo for Windows

More information

Secure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification

Secure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification Secure Web Development Teaching Modules 1 Security Testing Contents 1 Concepts... 1 1.1 Security Practices for Software Verification... 1 1.2 Software Security Testing... 2 2 Labs Objectives... 2 3 Lab

More information

ISL Tools 1.0 Manual

ISL Tools 1.0 Manual ISL Tools 1.0 Manual ISL Tools 1.0 Manual Contents 2 Table of Contents Foreword 0 Part I ISL WebStart 3... 1 Introduction 3... 2 Installation 3 Part II ISL Player 5... 1 Introduction 5... 2 How to Start

More information

The Monitis Monitoring Agent ver. 1.2

The Monitis Monitoring Agent ver. 1.2 The Monitis Monitoring Agent ver. 1.2 General principles, Security and Performance Monitis provides a server and network monitoring agent that can check the health of servers, networks and applications

More information

Targeted attacks: Tools and techniques

Targeted attacks: Tools and techniques Targeted attacks: Tools and techniques Performing «red-team» penetration tests Lessons learned Presented on 17/03/2014 For JSSI OSSIR 2014 By Renaud Feil Agenda Objective: Present tools techniques that

More information

Vulnerability analysis

Vulnerability analysis Vulnerability analysis License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents License Contents

More information

PowerMapper/SortSite Desktop Deployment Guide v2.11. 1. Introduction

PowerMapper/SortSite Desktop Deployment Guide v2.11. 1. Introduction PowerMapper/SortSite Desktop Deployment Guide v2.11 1. Introduction... 1 2. Architecture... 2 3. Independent Certification... 2 4. Setup.exe Command Line... 2 5. Registry Settings... 3 6. Deployment using

More information

LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS

LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS 1 LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS Te-Shun Chou and Tijjani Mohammed Department of Technology Systems East Carolina University chout@ecu.edu Abstract

More information